List Access Profiles
GET {{baseUrl}}/access-profiles
Use this API to get a list of access profiles. A token with API, ORGADMIN, ROLEADMIN, ROLESUBADMIN, SOURCEADMIN, or SOURCE_SUBADMIN authority is required to call this API.
Note: When you filter for access profiles that have the '+' symbol in their names, the response is blank.
Request Params
| Key | Datatype | Required | Description |
|---|---|---|---|
for-subadmin | string | If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN or SOURCE_SUBADMIN identity. The value of the parameter is either an identity ID, or the special value me, which is shorthand for the calling identity's ID. |
A 400 Bad Request error is returned if the for-subadmin parameter is specified for an identity that is not a subadmin. |
| limit | number | | Note that for this API the maximum value for limit is 50.
See V3 API Standard Collection Parameters for more information. |
| offset | number | | Offset into the full result set. Usually specified with limit to paginate through the results.
See V3 API Standard Collection Parameters for more information. |
| count | boolean | | If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored.
Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used.
See V3 API Standard Collection Parameters for more information. |
| filters | string | | Filter results using the standard syntax described in V3 API Standard Collection Parameters
Filtering is supported for the following fields and operators:
id: eq, in
name: eq, sw
created: gt, lt, ge, le
modified: gt, lt, ge, le
owner.id: eq, in
requestable: eq
source.id: eq, in
Composite operators supported: and, or
Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names. |
| sorters | string | | Sort results using the standard syntax described in V3 API Standard Collection Parameters
Sorting is supported for the following fields: name, created, modified |
| for-segment-ids | string | | If present and not empty, additionally filters access profiles to those which are assigned to the segment(s) with the specified IDs.
If segmentation is currently unavailable, specifying this parameter results in an error. |
| include-unsegmented | boolean | | Indicates whether the response list should contain unsegmented access profiles. If for-segment-ids is absent or empty, specifying include-unsegmented as false results in an error. |
HEADERS
| Key | Datatype | Required | Description |
|---|---|---|---|
Accept | string |
RESPONSES
status: OK
[{"owner":{"type":"IDENTITY","id":"2c9180a46faadee4016fb4e018c20639","name":"support"},"name":"Employee-database-read-write","source":{"id":"2c91809773dee3610173fdb0b6061ef4","type":"SOURCE","name":"ODS-AD-SOURCE"},"id":"2c91808a7190d06e01719938fcd20792","description":"Collection of entitlements to read/write the employee database","created":"2021-03-01T22:32:58.104Z","modified":"2021-03-02T20:22:28.104Z","enabled":true,"entitlements":[{"type":"ENTITLEMENT","id":"2c91809773dee32014e13e122092014e","name":"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local"},{"type":"ENTITLEMENT","id":"2c91809773dee32014e13e122092014e","name":"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local"}],"requestable":true,"accessRequestConfig":{"commentsRequired":true,"denialCommentsRequired":true,"approvalSchemes":[{"approverType":"GOVERNANCE_GROUP","approverId":"46c79819-a69f-49a2-becb-12c971ae66c6"},{"approverType":"GOVERNANCE_GROUP","approverId":"46c79819-a69f-49a2-becb-12c971ae66c6"}]},"revocationRequestConfig":{"approvalSchemes":[{"approverType":"GOVERNANCE_GROUP","approverId":"46c79819-a69f-49a2-becb-12c971ae66c6"},{"approverType":"GOVERNANCE_GROUP","approverId":"46c79819-a69f-49a2-becb-12c971ae66c6"}]},"segments":["f7b1b8a3-5fed-4fd4-ad29-82014e137e19","29cb6c06-1da8-43ea-8be4-b3125f248f2a"],"provisioningCriteria":{"operation":"OR","children":[{"operation":"AND","children":[{"attribute":"dn","operation":"CONTAINS","value":"useast"},{"attribute":"manager","operation":"CONTAINS","value":"Scott.Clark"}]},{"operation":"AND","children":[{"attribute":"dn","operation":"EQUALS","value":"Gibson"},{"attribute":"telephoneNumber","operation":"CONTAINS","value":"512"}]}]}},{"owner":{"type":"IDENTITY","id":"2c9180a46faadee4016fb4e018c20639","name":"support"},"name":"Employee-database-read-write","source":{"id":"2c91809773dee3610173fdb0b6061ef4","type":"SOURCE","name":"ODS-AD-SOURCE"},"id":"2c91808a7190d06e01719938fcd20792","description":"Collection of entitlements to read/write the employee database","created":"2021-03-01T22:32:58.104Z","modified":"2021-03-02T20:22:28.104Z","enabled":true,"entitlements":[{"type":"ENTITLEMENT","id":"2c91809773dee32014e13e122092014e","name":"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local"},{"type":"ENTITLEMENT","id":"2c91809773dee32014e13e122092014e","name":"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local"}],"requestable":true,"accessRequestConfig":{"commentsRequired":true,"denialCommentsRequired":true,"approvalSchemes":[{"approverType":"GOVERNANCE_GROUP","approverId":"46c79819-a69f-49a2-becb-12c971ae66c6"},{"approverType":"GOVERNANCE_GROUP","approverId":"46c79819-a69f-49a2-becb-12c971ae66c6"}]},"revocationRequestConfig":{"approvalSchemes":[{"approverType":"GOVERNANCE_GROUP","approverId":"46c79819-a69f-49a2-becb-12c971ae66c6"},{"approverType":"GOVERNANCE_GROUP","approverId":"46c79819-a69f-49a2-becb-12c971ae66c6"}]},"segments":["f7b1b8a3-5fed-4fd4-ad29-82014e137e19","29cb6c06-1da8-43ea-8be4-b3125f248f2a"],"provisioningCriteria":{"operation":"OR","children":[{"operation":"AND","children":[{"attribute":"dn","operation":"CONTAINS","value":"useast"},{"attribute":"manager","operation":"CONTAINS","value":"Scott.Clark"}]},{"operation":"AND","children":[{"attribute":"dn","operation":"EQUALS","value":"Gibson"},{"attribute":"telephoneNumber","operation":"CONTAINS","value":"512"}]}]}}]